Teams Calling Policies

The purpose of Teams Policies is to restrict or control specific features or functions. Though they are available, many organizations don’t use them. To assist with this, Microsoft does provide “Global” policies that contain necessary restrictions, but in reality, they are not the final controls. As part of some work I have recently done, it became evident that specific policies associated with different groups of users are needed.

The design of policies allows for this granularity by enabling you to create as many policies as needed and then assign to specific individuals or groups of users. Usually, the first round of policies most organizations create are:

  • Meeting
  • Messaging
  • App Setup
  • Calling (Optional)
  • Live Events (Optional)
  • Channels

These policies control the use of chat, giphys, who can start the meeting, and specifics around webcasts using Teams. One of the areas where organizations do not configure normally is Teams as a Phone System. Though for some reason, many do create “Calling” policies, they don’t enable the voice part of Teams. I refer to the Public Switched Telephone Network (PSTN) or regular phone calling capabilities. Out of the box, Microsoft provides three calling policies:

  • Allow Calling
  • Disallow Calling
  • Global (Org-wide)

These policies control the ability to:

  • Make private calls
  • Call forwarding and simultaneous ringing to people in your organization
  • Call forwarding and simultaneous ringing to external phone numbers
  • Voicemail is available for routing inbound calls
  • Inbound calls can route to call groups
  • Allow delegation for inbound and outbound calls
  • Prevent toll bypass and send calls through the PSTN
  • Busy on busy is available when in a call
  • Allow web PSTN calling

The most common configuration allows everything, except the “toll bypass” and “busy on busy” configuration. However, when designing policies for different audiences, these will change. Microsoft also provides “Calling ID Policies,” which determine how and if the incoming or outgoing caller ID is displayed. There is a single “Global” policy that blocks the incoming caller ID, replaces the outgoing called ID with the number of the user, and removes the ability to override the policy.

When creating these types of policies for using Teams as a Phone, the recommendation is to develop policies that limit the specific users that need it. For example, a recent requirement I had was to ensure that for all “outgoing” calls, the number did not show, limiting someone’s ability to call back on that number. However was not for all users either, so a new “Calling ID Policy” is required that sets the “Replace the caller ID with” setting to “Anonymous.”

You can create calling policies using both the user interface within the Teams Admin Center and also using PowerShell. The link for PowerShell points to the “Set” command not the “New” command as the documentation does not exist for that. A code example however is:

New-CsTeamsCallingPolicy -Identity "Calling Policy" `
    -AllowPrivateCalling $true `
    -AllowCallForwardingToUser $false `
    -AllowCallForwardingToPhone $false `
    -AllowVoicemail "AlwaysDisabled" `
    -AllowCallGroups $false `
    -AllowDelegation $false `
    -PreventTollBypass $false `
    -BusyOnBusyEnabledType "Disabled" `
    -AllowWebPSTNCalling $true

You can read more using the links below:

Teams Calling and Calling ID Policies using the Teams Admin Center: https://docs.microsoft.com/en-us/microsoftteams/teams-calling-policy

Teams Calling and Calling ID Policies using the PowerShell: https://docs.microsoft.com/en-us/powershell/module/skype/set-csteamscallingpolicy?view=skype-ps

Liam Cleary

Liam began his career as a Trainer of all things computer-related. He quickly realized that programming, breaking, and hacking was a lot more fun. He spent the next few years working within core infrastructure and security services until he found SharePoint. He is the founder and owner of SharePlicity, a consulting company that focuses on all areas of Technology. His role within SharePlicity is to help organizations implement technology that will enhance internal and external collaboration, document and records management, automate business processes, and of course security controls and protection. He is also a Microsoft MVP focusing on Architecture but also crosses the boundary into Development. He is also a Microsoft Certified Trainer (MCT). His specialty over the past few years has been security in SharePoint and its surrounding platforms. He can often be found at user groups or conferences speaking, offering advice, spending time in the community, teaching his kids how to code, raspberry PI programming, hacking the planet or building Lego robots.

You may also like...